Unrated severityNVD Advisory· Published Oct 29, 2008· Updated Jun 16, 2026
CVE-2008-4792
CVE-2008-4792
Description
The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
4- drupal.org/node/318706nvdPatchVendor Advisory
- secunia.com/advisories/32201nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2008/10/21/7nvdMailing ListThird Party Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/45761nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.